826 matches found
PT-2025-3662 · Linux · Linux Kernel
The vulnerable software is the Linux kernel. The issue arose from a regression in the kernel's memory management subsystem, specifically in the handling of write-sealed memfd mappings. The problem was introduced by a commit that moved a check for mapping writability before the shmem mmap hook was...
CVE-2018-9371
In the Mediatek Preloader, there are out of bounds reads and writes due to an exposed interface that allows arbitrary peripheral memory mapping with insufficient blacklisting/whitelisting. This could lead to local elevation of privilege, given physical access to the device with no additional...
CVE-2018-9371
In the Mediatek Preloader, there are out of bounds reads and writes due to an exposed interface that allows arbitrary peripheral memory mapping with insufficient blacklisting/whitelisting. This could lead to local elevation of privilege, given physical access to the device with no additional...
CVE-2018-9371
In the Mediatek Preloader, there are out of bounds reads and writes due to an exposed interface that allows arbitrary peripheral memory mapping with insufficient blacklisting/whitelisting. This could lead to local elevation of privilege, given physical access to the device with no additional...
SUSE CVE-2024-50295
In the Linux kernel, the following vulnerability has been resolved: net: arc: fix the device for dmamapsingle/dmaunmapsingle The ndev-dev and pdev-dev aren't the same device, use ndev-dev.parent which has dmamask, ndev-dev.parent is just pdev-dev. Or it would cause the following issue: 39.933526...
DEBIAN-CVE-2024-50295
In the Linux kernel, the following vulnerability has been resolved: net: arc: fix the device for dmamapsingle/dmaunmapsingle The ndev-dev and pdev-dev aren't the same device, use ndev-dev.parent which has dmamask, ndev-dev.parent is just pdev-dev. Or it would cause the following issue: 39.933526...
UBUNTU-CVE-2024-50295
In the Linux kernel, the following vulnerability has been resolved: net: arc: fix the device for dmamapsingle/dmaunmapsingle The ndev-dev and pdev-dev aren't the same device, use ndev-dev.parent which has dmamask, ndev-dev.parent is just pdev-dev. Or it would cause the following issue: 39.933526...
PT-2024-10648 · Mediatek · Mediatek Preloader
Name of the Vulnerable Software and Affected Versions: Mediatek Preloader affected versions not specified Description: The issue is related to out of bounds reads and writes in the Mediatek Preloader due to an exposed interface. This interface allows arbitrary peripheral memory mapping with...
CLSA-2024-1731933167 kernel: Fix of 36 CVEs
smb: client: fix use-after-free in smb2queryinfocompound CVE-2023-52751 - smb: client: prevent new fids from being removed by laundromat CVE-2023-52751 - cifs: fix dentry lookups in directory handle cache CVE-2023-52751 - uprobe: avoid out-of-bounds memory access of fetching args CVE-2024-50067 -...
CLSA-2024-1731430561 kernel: Fix of 31 CVEs
driver core: bus: Fix double free in driver API busregister CVE-2024-50055 - net: tun: Fix use-after-free in tundetach CVE-2022-49014 - memcg: fix possible use-after-free in memcgwriteeventcontrol CVE-2022-48988 - ppp: fix pppasyncencode illegal access CVE-2024-50035 - drivers: media:...
kernel: x86/efistub: Use 1:1 file:memory mapping for PE/COFF .compat section
In the Linux kernel, the following vulnerability has been resolved: x86/efistub: Use 1:1 file:memory mapping for PE/COFF .compat section The .compat section is a dummy PE section that contains the address of the 32-bit entrypoint of the 64-bit kernel image if it is bootable from 32-bit firmware...
kernel: mm/page_table_check: fix crash on ZONE_DEVICE
A vulnerability was found in the Linux kernel's mm/pagetablecheck component, specifically related to ZONEDEVICE pages. When page-table-check is enabled, attempting to map DAX memory can lead to a kernel crash due to invalid checks on these pages, which do not allocate pageext...
CVE-2024-50250
A buffer overrun exists in the Linux kernel. When pos and len are passed to daxfileunshare, they are not aligned to an fsblock boundary, and the iteration of pos and length in the iter function will reflect this. Mitigation Mitigation for this issue is either not available or the currently...
CVE-2024-50250
In the Linux kernel, the following vulnerability has been resolved: fsdax: daxunshareiter needs to copy entire blocks The code that copies data from srcmap to iomap in daxunshareiter is very very broken, which bfoster's recent fsx changes have exposed. If the pos and len passed to daxfileunshare...
UBUNTU-CVE-2024-50250
In the Linux kernel, the following vulnerability has been resolved: fsdax: daxunshareiter needs to copy entire blocks The code that copies data from srcmap to iomap in daxunshareiter is very very broken, which bfoster's recent fsx changes have exposed. If the pos and len passed to daxfileunshare...
CVE-2024-50250 fsdax: dax_unshare_iter needs to copy entire blocks
In the Linux kernel, the following vulnerability has been resolved: fsdax: daxunshareiter needs to copy entire blocks The code that copies data from srcmap to iomap in daxunshareiter is very very broken, which bfoster's recent fsx changes have exposed. If the pos and len passed to daxfileunshare...
CVE-2024-50250
The CVE-2024-50250 issue affects the Linux kernel fsdax code: dax_unshare_iter copies data from srcmap to iomap and previously did not align copy_pos/copy_len to a page boundary, allowing misalignment when iter->pos and length are not page-aligned. The bug can cause data corruption (when iter-...
DEBIAN-CVE-2024-50171
In the Linux kernel, the following vulnerability has been resolved: net: systemport: fix potential memory leak in bcmsysportxmit The bcmsysportxmit returns NETDEVTXOK without freeing skb in case of dmamapsingle fails, add devkfreeskb to fix it...
UBUNTU-CVE-2024-50171
In the Linux kernel, the following vulnerability has been resolved: net: systemport: fix potential memory leak in bcmsysportxmit The bcmsysportxmit returns NETDEVTXOK without freeing skb in case of dmamapsingle fails, add devkfreeskb to fix it...
kernel: ACPICA: Revert "ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine."
A vulnerability was found in the Linux kernel's ACPICA component, where improper handling of memory mappings can lead to a NULL pointer dereference. This issue arises when mapping requests exceed page boundaries, resulting in attempts to access unmapped memory...